Privacy Policy

Effective Date: March 1, 2026 · Last Updated: March 1, 2026

The e2eforms.com platform (the "Service") is operated by the owner of e2eforms.com ("Company," "we," "us," or "our"). This Privacy Policy describes how we collect, use, store, and protect information when you use our Service.

By using the Service, you agree to the collection and use of information as described in this policy.

1. Information We Collect

1.1 Account Information

When you register for an account, we collect:

  • Your name and email address
  • Organization name
  • Password (stored as a salted hash — we never store plaintext passwords)

1.2 Form Submission Data

When respondents submit forms you create:

  • Standard forms: Submission data (text responses, selected options, etc.) is encrypted at rest on our servers using AES-256 server-side encryption. The server can decrypt this data to provide features like AI grading, analytics, and notifications. This protects against unauthorized database access but is not zero-knowledge — the Service can read the data in the normal course of operations.
  • End-to-end encrypted (E2EE) forms: Submission data is encrypted in the respondent's browser before transmission. We store only the encrypted ciphertext. We cannot read, access, or recover this data. File uploads on E2EE forms are also encrypted client-side using AES-256-GCM before upload.

1.3 File Uploads

Files uploaded through forms are stored on our servers. For standard forms, files are stored as-is with access controls. For E2EE forms, files are encrypted client-side before upload — we store only encrypted data and cannot access the original files.

1.4 Technical and Usage Data

We automatically collect certain information when you use the Service:

  • IP addresses (when IP logging is enabled by the form creator; disabled by default)
  • Browser user-agent strings
  • Referrer URLs
  • Submission timestamps
  • Anti-cheat signals (focus loss counts, time-to-submit, JavaScript fingerprint presence)

Note on E2EE and IP Logging: When end-to-end encryption is enabled on a form, submission content is encrypted client-side before reaching our servers. However, if IP logging is also enabled, IP addresses are stored separately in plaintext as server-level metadata — they are not covered by E2EE. Form creators should be aware that enabling both features means submission content is encrypted but respondent IP addresses remain visible.

1.5 Payment Information

Payment processing is handled by our third-party payment processor (Square). We do not store your full credit card number on our servers. We may store transaction identifiers, subscription status, and billing history.

1.6 SMTP Credentials

If you configure custom SMTP settings, your SMTP password is encrypted using AES-256-CBC before storage. We decrypt it only at the time of sending emails on your behalf.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process form submissions and deliver them to form creators
  • Authenticate your identity and secure your account
  • Process payments and manage subscriptions
  • Send transactional emails (submission notifications, account alerts)
  • Detect and prevent fraud, spam, and abuse
  • Comply with legal obligations

We do not sell, rent, or share your personal data with third parties for marketing purposes. We do not use your form data to build advertising profiles. We do not serve advertisements in our products.

3. Data Encryption

3.1 Server-Side Encryption (All Forms)

All submission data is encrypted at rest using AES-256 server-side encryption. This means that data stored in our database is ciphertext, protecting it against unauthorized database access. The server retains the ability to decrypt this data as needed to provide Service features (AI grading, analytics, notifications, CSV export).

3.2 End-to-End Encryption (Optional)

Zero-Knowledge Architecture: For E2EE-enabled forms, all encryption and decryption occurs exclusively in the user's browser. The encryption passphrase never leaves your device and is never transmitted to our servers. This is in addition to the server-side encryption described above.

Our E2EE implementation uses:

  • Key Derivation: PBKDF2-SHA256 with 600,000 iterations and a 256-bit random salt
  • Encryption: AES-256-GCM with 96-bit random IVs and 128-bit authentication tags
  • Context Binding: Additional Authenticated Data (AAD) ties ciphertext to specific form and submission UUIDs, preventing cross-context replay
  • File Encryption: Files are encrypted client-side using the same AES-256-GCM scheme before upload
  • Passphrase Verification: SHA-256 hash of the derived key allows passphrase verification without trial decryption

What we store for E2EE forms: encrypted ciphertext, initialization vectors (IVs), AAD strings, KDF salt, and a verification hash. We do not store and cannot derive the encryption passphrase or decryption keys.

Important: If you lose your encryption passphrase, all encrypted data is permanently and irrecoverably lost. We cannot help you recover it under any circumstances.
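The construction listed in section 3.2, as an added illustration using Node.js's built-in crypto module; it is not E2E Forms' code, and the AAD string format, record layout, and function names are assumptions. It shows decryption failing authentication when a stored record is fetched under a different form or submission UUID, or when the key comes from a different passphrase.

```javascript
// Added illustration, not the Service's implementation. Parameters follow section 3.2;
// the AAD format, record layout and all names are assumptions.
const nodeCrypto = require('node:crypto');

const KDF_ITERATIONS = 600000; // PBKDF2-SHA256 iteration count stated in the policy
const TAG_BYTES = 16;          // 128-bit GCM authentication tag

function deriveKey(passphrase, salt) {
  return nodeCrypto.pbkdf2Sync(passphrase, salt, KDF_ITERATIONS, 32, 'sha256');
}

// Assumed AAD format: binds a ciphertext to one form and one submission.
function buildAad(formId, submissionId) {
  return `form:${formId}|submission:${submissionId}`;
}

function encryptSubmission(key, plaintext, formId, submissionId) {
  const iv = nodeCrypto.randomBytes(12); // 96-bit random IV, fresh for every message
  const aad = buildAad(formId, submissionId);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_BYTES });
  cipher.setAAD(Buffer.from(aad, 'utf8'));
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final(), cipher.getAuthTag()]);
  // Only these fields go to the server; the passphrase and key never do.
  return { iv: iv.toString('base64'), aad, ciphertext: body.toString('base64') };
}

function decryptSubmission(key, record, formId, submissionId) {
  // Rebuild the AAD from the context being requested instead of trusting record.aad.
  const aad = buildAad(formId, submissionId);
  const raw = Buffer.from(record.ciphertext, 'base64');
  try {
    const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, Buffer.from(record.iv, 'base64'), { authTagLength: TAG_BYTES });
    d.setAAD(Buffer.from(aad, 'utf8'));
    d.setAuthTag(raw.subarray(raw.length - TAG_BYTES));
    return Buffer.concat([d.update(raw.subarray(0, raw.length - TAG_BYTES)), d.final()]).toString('utf8');
  } catch {
    return null; // tag check failed: wrong key, wrong context, or altered ciphertext
  }
}

// Verification hash: SHA-256 of the derived key, checked without touching any ciphertext.
function verificationHash(key) {
  return nodeCrypto.createHash('sha256').update(key).digest();
}

function passphraseMatches(passphrase, salt, storedHash) {
  return nodeCrypto.timingSafeEqual(verificationHash(deriveKey(passphrase, salt)), storedHash);
}
```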

4. Data Storage and Security

We implement commercially reasonable security measures to protect your data, including:

  • TLS encryption for all data in transit
  • Server access controls and authentication
  • Password hashing (bcrypt) for account credentials
  • AES-256-CBC encryption for stored SMTP credentials
  • Session security (HTTP-only, secure cookies, CSRF protection)
  • Rate limiting on authentication endpoints
  • Input sanitization and prepared statements to prevent injection attacks
  • Content Security Policy headers

Despite these measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security, and you use the Service at your own risk.

5. Data Retention

  • Account data: Retained while your account is active. Deleted within 90 days of account deletion.
  • Form submissions: Retained until you delete them or your account is terminated.
  • Encrypted data: All submission data is stored encrypted at rest. Server-side encrypted data can be selectively deleted. E2EE-encrypted data cannot be selectively modified since we cannot read it — it can only be deleted as a whole.
  • Server logs: Retained for up to 90 days for security and debugging purposes.
  • Inactive accounts: Free accounts inactive for 12 consecutive months may be deleted after notice.

6. Your Data Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Delete your personal data and account
  • Export your data (CSV export is available for form submissions)
  • Object to certain processing of your data

To exercise these rights, contact us at support@e2eforms.com. We will respond within 30 days.

Note: For E2EE data, we cannot provide access to or export decrypted content, as we do not possess the decryption keys. You must decrypt this data yourself using your passphrase.

7. Data Controller vs. Data Processor

When you create forms and collect data from respondents, you act as the data controller and we act as the data processor. You are responsible for ensuring your data collection practices comply with applicable privacy laws (GDPR, CCPA, etc.), including providing appropriate privacy notices to your respondents and obtaining any required consent.

8. Third-Party Services

We use the following third-party services:

  • Square: Payment processing. Subject to Square's Privacy Policy.
  • Custom SMTP providers: If you configure custom SMTP, emails are transmitted through your chosen provider.

We do not use third-party analytics, advertising networks, or tracking services in our products.

9. Cookies

We use only essential cookies required for the Service to function:

  • Session cookie: Maintains your authenticated session. HTTP-only, secure, and not accessible to JavaScript.
  • CSRF token: Prevents cross-site request forgery attacks.

We do not use tracking cookies, advertising cookies, or any non-essential cookies.

10. Children's Privacy

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete it promptly. If you believe a child under 13 has provided us with personal information, please contact us.

11. International Data Transfers

Our servers are located in the United States. If you access the Service from outside the United States, your information may be transferred to and processed in the United States. By using the Service, you consent to this transfer. For E2EE data, this is less relevant since we cannot access the encrypted content regardless of server location.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on our website and updating the "Last Updated" date. We may also send email notification for significant changes. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

e2eforms.com
Pittsburgh, Pennsylvania, United States
Email: support@e2eforms.com

© 2026 E2E Forms. All rights reserved.